userctrl.php

   1 <?php
   2 /*=====================================================================*\
   3 || ################################################################### ||
   4 || # Bugdar [#]version[#]
   5 || # --------------------------------------------------------------- # ||
   6 || # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
   7 || # This file may not be reproduced in any way without permission.  # ||
   8 || # --------------------------------------------------------------- # ||
   9 || # User License Agreement at http://www.iris-studios.com/license/  # ||
  10 || ################################################################### ||
  11 \*=====================================================================*/
  12
  13 $fetchtemplates = array(
  14         'userctrl'
  15 );
  16
  17 define('SVN', '$Id$');
  18
  19 $focus['user'] = 'focus';
  20
  21 require_once('./global.php');
  22
  23 if (!$bugsys->userinfo['userid'])
  24 {
  25         $message->error_permission();
  26 }
  27
  28 $userinfo = $bugsys->userinfo;
  29
  30 // ###################################################################
  31
  32 if (empty($_REQUEST['do']))
  33 {
  34         $_REQUEST['do'] = 'modify';
  35 }
  36
  37 // ###################################################################
  38
  39 if ($_POST['do'] == 'update')
  40 {
  41         // -------------------------------------------------------------------
  42         // display name validation
  43         $count = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE displayname = '" . $bugsys->in['displayname'] . "' AND userid <> " . $bugsys->userinfo['userid']);
  44         if ($count)
  45         {
  46                 $message->list[] = $lang->string('That display name is already in use by another user');
  47         }
  48
  49         // -------------------------------------------------------------------
  50         // authentication
  51         if (!empty($bugsys->in['password']) OR !empty($bugsys->in['email']))
  52         {
  53                 if (empty($bugsys->in['validate']))
  54                 {
  55                         $message->list[] = $lang->string('You need to enter your current password to change your email or password');
  56                 }
  57                 else
  58                 {
  59                         if (md5(md5($bugsys->in['validate']) . md5($bugsys->userinfo['salt'])) != $bugsys->userinfo['password'])
  60                         {
  61                                 $message->list[] = $lang->string('Your authentication password does not match the one in our records');
  62                         }
  63                 }
  64         }
  65
  66         // -------------------------------------------------------------------
  67         // email validation
  68         if (!empty($bugsys->in['email']))
  69         {
  70                 if (!empty($bugsys->in['email']) AND empty($bugsys->in['email_confirm']))
  71                 {
  72                         $message->list[] = $lang->string('You need to enter both the email and confirm email fields to change your address');
  73                 }
  74
  75                 if ($bugsys->in['email'] != $bugsys->in['email_confirm'])
  76                 {
  77                         $message->list[] = $lang->string('Your email and confirm email addresses do not match');
  78                 }
  79
  80                 if ($bugsys->in['email'])
  81                 {
  82                         $count = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . $bugsys->in['email'] . "' AND userid <> " . $bugsys->userinfo['userid']);
  83                         if ($count)
  84                         {
  85                                 $message->list[] = $lang->string('That email address is already in use');
  86                         }
  87                 }
  88
  89                 $email = true;
  90         }
  91
  92         // -------------------------------------------------------------------
  93         // password validation
  94         if (!empty($bugsys->in['password']))
  95         {
  96                 if (!empty($bugsys->in['password']) AND empty($bugsys->in['password_confirm']))
  97                 {
  98                         $message->list[] = $lang->string('You need to enter both the password and confirm password fields to change your password');
  99                 }
 100                 else
 101                 {
 102                         if ($bugsys->in['password'] != $bugsys->in['password_confirm'])
 103                         {
 104                                 $message->list[] = $lang->string('Your password and confirm password do not match');
 105                         }
 106                 }
 107
 108                 $password = true;
 109         }
 110
 111         // -------------------------------------------------------------------
 112         // copy fields
 113         $userinfo['displayname'] = $bugsys->in['displayname'];
 114         $userinfo['showemail'] = $bugsys->in['showemail'];
 115         $userinfo['showcolours'] = $bugsys->in['showcolours'];
 116         $userinfo['languageid'] = $bugsys->in['languageid'];
 117         $userinfo['timezone'] = $bugsys->in['timezone'];
 118
 119         $email = $bugsys->in['email'];
 120         $email_confirm = $bugsys->in['email_confirm'];
 121
 122         // -------------------------------------------------------------------
 123         // error handling
 124         if ($message->list)
 125         {
 126                 $message->error_list_process();
 127
 128                 $show['errors'] = true;
 129                 $_REQUEST['do'] = 'modify';
 130         }
 131         else
 132         {
 133                 $db->query("
 134                         UPDATE " . TABLE_PREFIX . "user
 135                         SET displayname = '" . $bugsys->in['displayname'] . "',
 136                                 showemail = " . intval($bugsys->in['showemail']) . ",
 137                                 showcolours = " . intval($bugsys->in['showcolours']) . ",
 138                                 languageid = " . intval($bugsys->in['languageid']) . ",
 139                                 timezone = " . intval($bugsys->in['timezone']) . ($email ? "
 140                                 email = '" . $bugsys->in['email'] . "'" : '') . ($password ? "
 141                                 password = '" . md5(md5($bugsys->in['password']) . md5($bugsys->userinfo['salt'])) . "'" : '') . "
 142                         WHERE userid = " . $bugsys->userinfo['userid']
 143                 );
 144
 145                 if (can_perform('canbeassignedto'))
 146                 {
 147                         require_once('./includes/functions_datastore.php');
 148                         build_assignedto();
 149                 }
 150
 151                 $message->redirect($lang->string('The changes to your account have been made.'), 'userctrl.php');
 152         }
 153 }
 154
 155 // ###################################################################
 156
 157 if ($_REQUEST['do'] == 'modify')
 158 {
 159         $langselect = construct_datastore_select('language', 'title', 'languageid', $userinfo['languageid']);
 160
 161         foreach ($datef->fetch_timezone_list() AS $value => $label)
 162         {
 163                 $selected = ($value == $userinfo['timezone']);
 164                 eval('$tzselect .= "' . $template->fetch('selectoption') . '";');
 165         }
 166
 167         eval('$template->flush("' . $template->fetch('userctrl') . '");');
 168 }
 169
 170 /*=====================================================================*\
 171 || ###################################################################
 172 || # $HeadURL$
 173 || # $Id$
 174 || ###################################################################
 175 \*=====================================================================*/
 176 ?>